The Relative Identifier (RID) pool is a range of unique identifiers that are assigned to security principals, such as user and computer accounts, in an Active Directory (AD) domain. To view the RID pool for a domain, you can use the “Active Directory Users and Computers” console or the “ntdsutil” command-line utility.
Here are the steps to view the RID pool using the “ntdsutil” command-line utility:
C:\Windows\system32>dcdiag /test:ridmanager /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server…
- Verifying that the local machine DC10, is a Directory Server.
Home Server = DC10- Connecting to directory service on server DC10.
- Identified AD Forest.
Collecting AD specific global data- Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Windowstechno,
DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),…….
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=IND-MUM,CN=Sites,CN=Con
figuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=IND-CHD,CN=Sites,CN=Con
figuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=US-NYC,CN=Sites,CN=Conf
iguration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=MY-CBJ,CN=Sites,CN=Conf
iguration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=AM-HOUSTC,CN=Sites,CN=C
onfiguration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=IND-PUN,CN=Sites,CN=Con
figuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=IND-BLR,CN=Sites,CN=Con
figuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=IND-DL,CN=Sites,CN=Conf
iguration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=IND-MUM_Staging-Site,CN
=Sites,CN=Configuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=IND-CHD-Schema,CN=Sites
,CN=Configuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=Windowstechno,DC=local
Getting ISTG and options for the site- Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Windowstechno,
DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),…….
The previous call succeeded….
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC10,CN=Servers,CN=IND
-BLR,CN=Sites,CN=Configuration,DC=Windowstechno,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC11,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=Windowstechno,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC41,CN=Servers,CN=IND
-CHD,CN=Sites,CN=Configuration,DC=Windowstechno,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC20,CN=Servers,CN=IND
-CHD,CN=Sites,CN=Configuration,DC=Windowstechno,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC30,CN=Servers,CN=IND
-CHD,CN=Sites,CN=Configuration,DC=Windowstechno,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected- Identifying all NC cross-refs.
- Found 5 DC(s). Testing 1 of them.
Done gathering initial info.Doing initial required tests
Testing server: IND-BLR\DC10
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
……………………. DC10 passed test ConnectivityDoing primary tests
Testing server: IND-BLR\DC10
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Starting test: RidManager
* Available RID Pool for the Domain is 122601 to 1073741823
* DC10.Windowstechno.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 120601 to 121100
* rIDPreviousAllocationPool is 120601 to 121100
* rIDNextRID: 120601
……………………. DC10 passed test RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicasTest omitted by user request: DNS Test omitted by user request: DNSRunning partition tests on : ForestDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidationRunning partition tests on : DomainDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidationRunning partition tests on : Schema
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidationRunning partition tests on : Configuration
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidationRunning partition tests on : Windowstechno
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidationRunning enterprise tests on : Windowstechno.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: IntersiteC:\Windows\system32>
It’s important to monitor the RID pool to ensure that there are enough RIDs available for new security principals to be created. If the RID pool is depleted, new security principals cannot be created, which can impact the functionality of the domain.
So, that’s all in this blog. I will meet you soon with next stuff. Have a nice day!!!
Guys please don’t forget to like and share the post. Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them.
You can also share the feedback on below windows techno email id.
If you have any questions, feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.
The Sysvol folder contains Group Policy objects, logon scripts, and other files and settings that are essential…
FRS stands for File Replication Service, which was a component of Windows Server that provided multi-master replication of files…
DFSR stands for Distributed File System Replication, which is a feature in Windows Server that enables organizations…
Yes, it is possible to increase the RID (Relative Identifier) pool in an Active Directory (AD) domain.…
The RID Master is a domain controller role in Active Directory (AD) that is responsible for allocating a pool…
The Infrastructure Master is a domain controller role in Active Directory (AD) that is responsible…